automation: fix release/snapshot env context (#204)

v1v · web-flow · commit 751350bd77eb · 2023-02-15T09:15:10.000Z
diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command
@@ -27,20 +27,21 @@ echo "--- Prepare keys context"
 VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET")
 export VAULT_TOKEN
 
-# Signing keys
-vault read -field=key secret/release/signing >$KEY_FILE
-KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing)
-export KEYPASS_SECRET
-export KEY_ID_SECRET=D88E42B4
-
 # Prepare a secure temp folder not shared between other jobs to store the key ring
 export TMP_WORKSPACE=/tmp/secured
 export KEY_FILE=$TMP_WORKSPACE"/private.key"
+
 # Secure home for our keyring
 export GNUPGHOME=$TMP_WORKSPACE"/keyring"
 mkdir -p $GNUPGHOME
 chmod -R 700 $TMP_WORKSPACE
 
+# Signing keys
+vault read -field=key secret/release/signing >$KEY_FILE
+KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing)
+export KEYPASS_SECRET
+export KEY_ID_SECRET=D88E42B4
+
 # Import the key into the keyring
 echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE"
 
